Pre-Infected Computers Were Compromised by a Transporter – Microsoft

The new computers that were found infected were not compromised during manufacturing

A few days ago, Microsoft announced that several new computers manufactured in China were infected during the manufacturing stage, revealing that Nitol, a program that steals sensitive information, is one of the detected malware.

It turns out however that Nitol and the other malicious files were installed by “a distributor, a transporter or a reseller,” according to a Microsoft spokeswoman who talked to BBC.

This means that the infection was not installed while the computers were still in the factory, Microsoft explained, so it all comes down to some security flaws spotted during the shipping process.

As you probably know from last week's reports, Microsoft's investigators acquired a total of 20 PCs from different Chinese locations. Four of them were infected with malware, including the aforementioned Nitol virus that steals user details, such as bank accounts.

You can read more about Microsoft's investigation in this case here, while details about the Nitol malware are available here.